--- version: "{{ skylab_compose_version }}" networks: meta: name: meta driver: overlay ipam: driver: default config: - subnet: {{ app.networks.ext }} volumes: {% for key, value in app.volumes.items() %} meta-{{ key }}: name: datastore{{ value }} driver: glusterfs {% endfor %} services: proxy: image: nginx:{{ app.versions.proxy }} hostname: proxy networks: - meta extra_hosts: - "dockerloopback:{{ app.settings.loopback_address }}" ports: - published: {{ app.ports.80 }} target: 80 protocol: tcp mode: ingress - published: {{ app.ports.443 }} target: 443 protocol: tcp mode: ingress volumes: - type: volume source: meta-nginx target: /etc/nginx read_only: true - type: volume source: meta-letsencrypt-config target: /etc/letsencrypt read_only: true deploy: replicas: 2 placement: max_replicas_per_node: 1 certbot: image: certbot/certbot:{{ app.versions.certbot }} hostname: certbot command: renew --standalone networks: - meta ports: - published: 8088 # This is hardcoded to avoid conflicts target: 80 protocol: tcp mode: ingress volumes: - type: volume source: meta-letsencrypt-config target: /etc/letsencrypt read_only: false - type: volume source: meta-letsencrypt-data target: /var/lib/letsencrypt read_only: false deploy: replicas: 1 restart_policy: condition: any delay: 24h backup: image: rockylinux:latest hostname: backup command: bash /datastore/backup/mkbkup.sh /datastore/ networks: - meta volumes: - type: volume source: meta-backup target: /datastore/backup read_only: false - type: volume source: meta-appdata target: /datastore/appdata read_only: true deploy: replicas: 1 restart_policy: condition: any delay: 24h